DAILY NEWS: Setembro (18/09 - 24/09) - 38 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

24/09

15 Year Old Python Bug Let Hacker Execute Code in Code 350k Python Projects

American Airlines learned it was breached from phishing targets

Criminals are using QR codes to target victims - how to avoid 'most insidious' scam

Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released

Israel Bolsters Digital Defense Amid Iran Cyber Threat – Analysis

Landbank warns of phishing scam via Google Ads search

London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches

Microsoft SQL servers hacked in TargetCompany ransomware attacks

OneTouchPoint data breach investigation: Who’s affected?

Optus confirms customer data breach, says passport data may be affected

Optus issues data scam alert to customers

Ransomware attacks on healthcare organizations have devastating results for providers & patients

Some Questions answered by the GTA 6 Leaks and others left hanging

Take-Two confirms cyber attack on 2K Games

TAP cyberattack: Portuguese president's personal data stolen

What is a cyber insurance policy? Should you buy one?

23/09

As Cyberattacks Intensify, Orgs Don’t Report Incidents

Australian Telecoms company Optus discloses security breach

Beware fake anti-virus reviews

CISA Warns of Hackers Exploiting Recent Zoho ManageEngine Vulnerability

Critical ManageEngine RCE flaw is being exploited (CVE-2022-35405)

Cyber attack threat: Dumfries and Galloway Council on alert

Cyber Security & Cloud Expo: Examining the 2022 malware landscape

Cyprus and Romania build ties on cybersecurity, innovation and entrepreneurship

Europol "Hackathon" Identifies Scores of Human Trafficking Victims

Fake Indian Banking Rewards Apps Targeting Android Users with Info-stealing Malware

Firing Your Entire Cybersecurity Team? Are You Sure?

Hackers Using Malicious OAuth Apps to Take Over Email Servers

How does identity crime affect victims?

Learn How To Be A Good Hacker With The 2023 Cyber Security Ethical Hacking Bundle With 98% Off

Massive cyber attack in Australia; nearly 10 million people affected

Microsoft shares workarounds for Windows Group Policy issues

Mitigating the cybersecurity crisis for the school year ahead

Multi-million dollar credit card fraud operation uncovered

NSA Reveals "Hackers' Playbook" for OT Attacks

Optus cyber-attack could involve customers dating back to 2017

Optus Cyber-attack | What You Need to Know

Revolut hit by ‘highly targeted’ cyber attack

Risk management focus shifts from external to internal exposure

Seven-Year Mobile Surveillance Campaign Targets Uyghurs

Supply chain cyber security series

The Central Securities Clearing System (CSCS), regulators, others set to tackle cyber security challenges

This image contains its own MD5 checksum — and it's kind of a big deal

Void Balaur Hackers-for-Hire Targeting Russian Businesses and Politics Entities

Why MFA matters: These attackers cracked admin accounts then used Exchange to send spam

22/09

15-Year-Old Unpatched Python Vulnerability Potentially Affects Over 350,000 Projects

Authorized Push Payments Surge to 75% of Banking Fraud

BlackCat ransomware’s data exfiltration tool gets an upgrade

Critical Magento vulnerability targeted in new surge of attacks

Customers’ personal data stolen as Optus suffers massive cyber-attack

Data Stolen: TAP Air Portugal Suffers Cyberattack

Fake Banking Rewards Apps Install Info-stealing RAT on Android Phones

Google Chrome users looking to download pirated software at risk of new malware infection

Hackers stealing GitHub accounts using fake CircleCI notifications

Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners

How to Prevent Ransomware as a Service (RaaS) Attacks

Iranian Hackers Hid in Albanian Networks for Over a Year

IT Security Takeaways from the Wiseasy Hack

Los Angeles school district receives ransom demand from Labor Day weekend cyberattacker

Malicious NPM Package Caught Mimicking Material Tailwind CSS Package

Microsoft Exchange servers hacked via OAuth apps for phishing

Morgan Stanley Fined $35m By SEC For Data Security Lapse

National Security Agency (NSA) shares guidance to help secure OT/ICS critical infrastructure

Nelnet loan service data breach: What you should know

OpIran – Anonymous Hits Iranian State Sites, Hacks Over 300 CCTV Cameras

Optus attack exposes customer information

Optus data breach: who is affected, what has been taken and what should you do?

Optus Hit By Cyber-Attack, Breach Affects Nearly 10 Million Customers

Preventing the Recruitment of Insider Threat Actors

Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

Researchers Disclose Critical Vulnerability in Oracle Cloud Infrastructure

Researchers Uncover Years-Long Mobile Spyware Campaign Targeting Uyghurs

Russia-Based Hackers FIN11 Impersonate Zoom to Conduct Phishing Campaigns

SMBs vs. large enterprises: Not all compromises are created equal

Threat actors have their insider threats, too

Three Iranian Nationals Charged in Critical Services Scheme

Twitter Password Reset Bug Exposed User Accounts

Uber hack reveals key security lapses; here’s how firms can avoid them

Up to 9 million Aussies affected in major Optus data breach

US Agency Broke Into China’s Telecom Networks, State Media Says

US’ NSA infiltrates China’s data infrastructure in cyberattack on leading university

Waterloo Region District School Board (WRDSB) lawyer clarifies police timeline in cyber attack

What you need to know about Evil-Colon attacks

21/09

2K Games Support Desk Hacked, Phishing Emails Sent To Certain Players

2K warns of cyber attack of its customer support

3 free Linux security training courses you can take right now

4 key takeaways from “XDR is the Perfect Solution for SMEs” webinar

20/20 visibility is paramount to network security

350K Open-Source Projects At Risk of Supply Chain Vulnerability

Agent-based vs. agentless security: Pros and cons

American Airlines confirms data breach exposing some customers’ data

Best practices to bolster software supply chain security

ChromeLoader, what took you so long? Malvertising irritant now slings ransomware

Companies Without Zero Trust Could Lose $1M More During a Data Breach

Critical Remote Hack Flaws Found in Dataprobe's Power Distribution Units

Crypto Trading Firm Wintermute Loses $160 Million in Hacking Incident

DDoS and bot attacks in 2022: Business sectors at risk and how to defend

Domain shadowing becoming more popular among cybercriminals

FBI: Iranian hackers lurked in Albania’s govt network for 14 months

Is $15.6 billion enough to protect critical infrastructure?

LinkedIn Smart Links abused in evasive email phishing attacks

LockBit ransomware builder leaked online by “angry developer”

Malwarebytes mistakenly blocks Google, YouTube for malware

Microsoft Upgrades Windows 11 With New Security Features

Multiple Vulnerabilities Discovered in Dataprobe's iBoot-PDUs

NCSC: British Retailers Need to Move Beyond Passwords

New York Racing Association confirms hack by Hive ransomware group

Ninety Percent of Organizations Struggle with Ransomware

Open Source Repository Attacks Soar 700% in Three Years

Over 39,000 Unauthenticated Redis Instances Found Exposed on the Internet

Record DDoS Attack with 25.3 Billion Requests Abused HTTP/2 Multiplexing

Security lessons to learn after the Uber data breach

South Redford Schools closed again after cyber attack

Survey Reveals the Severity of Cloud Security Challenge

The explosion of data is beyond human ability to manage

The Multi-Cloud is The New Normal, But Creates Key Security Challenges

The rise of ‘PhaaS’ — and a roadmap to mitigate ‘Phishing-as-a-Service’

Twitter failed to log you out of all devices after password resets

Two-Fifths of US Consumers Suffer Personal Data Theft

Unpatched 15-year old Python bug allows code execution in 350k projects

U.S. Adds 2 More Chinese Telecom Firms to National Security Threat List

US to award $1B to state, local, and territorial governments to improve cyber resilience

Video Game Publisher Admits Helpdesk Was Hijacked

What Is Ransomware? A Guide to Ransomware Prevention and Removal

Why Zero Trust Should be the Foundation of Your Cybersecurity Ecosystem

Windows 11 gets better protection against SMB brute-force attacks

20/09

American Airlines Admits Data Breach

American Airlines Breach Exposes Customer and Staff Information

American Airlines hit by data breach

American Airlines says data breach affected some customers, employees

Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims

Cash Express, LLC Files Notice of Data Breach Following Unauthorized Access to the Company’s IT Network

City Furniture, Inc. Files Notice of Data Breach

Common medical devices ripe for cyberattack, LTC prone to security breaches

Critical Vulnerability in Oracle Cloud Infrastructure Allowed Unauthorized Access

Cyber Threat Detection: The First Layer of Defence in Depth

Cyber Security Awareness Master Plan to be ready in 2023: MKN

Europol and Bitdefender Jointly Release LockerGoga Decryptor

Game dev 2K’s support site hacked to push malware via fake tickets

Grand Theft Auto Publisher Rockstar Games Hacked

GTA 6: FBI investiga suposto hacker da Rockstar

Hacker da Uber afirma ter invadido jogos da Rockstar e lançado vídeos de GTA 6

Hackers invadem empresa de criptomoedas e roubam R$ 800 milhões

Hackers steal $162 million from Wintermute crypto market maker

Holiday Inn hotel chain hit by cyber attack

How can organizations benefit from full-stack observability?

How to activate Lockdown Mode on macOS Ventura

HowTo: Defend the Legal Sector from Insider Threats

Indonesia finally passes personal data protection law

Kiwi Farms Website Hacked! Admin Warns of Data Leak

Lapsus$, grupo hacker que derrubou a Microsoft, agora ataca fabricante do “GTA 6”

MFA Fatigue: Hackers’ new favorite tactic in high-profile breaches

New CFIUS Executive Order Clarifies Review Factors for Evolving National Security Landscape

NY Ambulance Service Suffers Healthcare Data Breach, 318K Impacted

Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks

Organizations Lack Visibility Into Cloud Access

PebblePad achieves new ISO and cyber-security accreditations

Phishing attacks targeting US government have evolved in sophistication, Confense reports

Plans for the EU-wide Cyber Resilience Act have been unveiled

Ransomware attack at NY emergency service prompts data breach

Ransomware attacks have nearly doubled since 2020, according to GetApp

Revolut Breach May Have Hit 50,000+ Customers

Revolut data breach: 50,000+ users affected

Revolut mobile banking startup confirms data breach of 50,000 users

Ripple effects of ransomware attack against Suffolk County continue more than a week later

Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware

Social Engineering: How A Teen Hacker Allegedly Managed To Breach Both Uber And Rockstar Games

SpyCloud Report: Despite Increased Spend on Ransomware Mitigation, 90% of Companies Affected in the Last Year

Take cybersecurity out to where employees and data are coming together

The 25 most popular programming languages and trends

The Innovative CEO Of An Automotive Cyber Security Company

The rise of attacks on critical infrastructure

Third-Party Risk in the Cloud

Uber Blames Lapsus$ for Breach

Uber Blames LAPSUS$ Hacking Group for Recent Security Breach

Uber hit by significant cyber attack

Uber says Lapsus$ gang is behind the recent breach

While Hackers Eye Small Businesses, Ransomware Attacks Decline

Wintermute, market maker cripto, perde US$ 160 milhões com ataque hacker a operação DeFi

19/09

Akamai APJ Ransomware Report H1 2022 - Summary

Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online

Cisco admits that the Yanluowang ransomware gang stole data from its network

Critical Infrastructure Takes Center Stage

Crypto giveaway scams continue to escalate

Emotet Botnet Started Distributing Quantum and BlackCat Ransomware

Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Google, Meta FINED about US$72 million in South Korea for data breach

GTA 6 in-development footage leaked, hack still unconfirmed

GTA 6 leaked: Hacker leaks over 90 gameplay videos showcasing alleged build

Hackers target gamers in SA, Kenya

High severity vulnerabilities found in Harbor open-source artifact registry

How to Know if You’ve Been Caught up in a Data Breach, and What You Can Do About It

Indonesia hunts for Bjorka, hacker selling 1.3b SIM card users’ data, taunting officials

It’s 2022 – Are Passwords Still Important?

LastPass publishes details of the cyber attack it received

Microsoft Teams' GIFShell Attack: What Is It and How You Can Protect Yourself from It

Microsoft Warns of Large-Scale Click Fraud Campaign Targeting Gamers

Most critical security gaps in the public cloud

Pacific Asia Travel Association (PATA) cautions on mailing list scam

Prevention remains best strategy when dealing with cyber risks - Lewis Clark

Revolut Bank reveals that it has suffered a data breach on its data security

Revolut hack exposes data of 50,000 users, fuels new phishing wave

SaaS Security Issues Driven by Sprawl, Lack of Visibility

Schrodinger’s Misconfigurations

Securing your Apple device front through unified endpoint management

Starbucks SG involved in data breach

TeamTNT is back and targets servers to run Bitcoin encryption solvers

The benefits of digital trust

The impact of location-based fraud

The Security Awareness Of People Is The Important Firewall In IT

Trend Micro warns of attack surge, targets more sectors

Uber Hacker Claims To Have Hacked Rockstar Games, Releases GTA 6 Videos

What do SOC analysts need to be successful?

Where to Find the Best Healthcare Software Developers

18/09

Após leak de GTA 6, suposto hacker quer negociar código fonte de GTA 5

AWS misconfiguration exposes the data of Indian government and universities including Banaras Hindu University

Indonesia hunts for Bjorka, hacker selling 1.3b SIM card users' data, taunting officials

Bangladesh is at serious risk of cyber crimes

CERT-In issues new advisory for smartphone users as cybercrime cases rise

ClearBalance, Bricker & Eckler settle data breach lawsuits involving patient data

Deleted popular hotel chain’s data ‘for fun,’ claims hacker couple

Elder fraud is real. Tell your parents, grandparents and friends about these scams

GTA 6 Hacker Claims He Also Hacked Into Uber

GTA 6 hacker has access to source code, shares 10K lines of code

Hacker couple erased hotel group's data for fun: Report

Hacker Couple Who Erased Hotel Chain Data Mock Terrible Password

Hacker quer vazou gameplays do GTA 6 quer negociar acordo com a Rockstar para não fazer mais vazamentos

Hacker que vazou vídeos do GTA 6 divulga 10 mil linhas de código do jogo e ameaça fazer mais vazamentos

Hunt on for hacker who leaked over one billion Indonesians’ data

Large cache of GTA 6 development footage may have leaked online

Lloyds Bank issues alert on council tax scam targeting 'anyone with an email account'

Malvertising: How to avoid falling for these malware-infested ads

Microsoft Teams deemed unsafe to use by security researchers

Piracy Advertising Researchers Fall Victim to Ransomware Attacks

Starbucks Singapore’s Database Gets Breached

Staying ahead of scammers an opportunity for S'pore to boost its financial reputation: Experts

TeamTNT hijacking servers to run Bitcoin encryption solvers

The Storage Manager’s Quick-Guide to Ransomware Resiliency

Uber Data Breach: Company Says No Private Users' Data Compromised

Uber probing data breach incident involving ‘internal systems’

Uber says services are operational following data breach

Watford Community Housing denies scam calls due to data breach

What is Sova virus? All you need to know about the new mobile banking virus

What to do if you were a corporate hack victim

DAILY NEWS: Setembro (11/09 - 17/09) - 37 Semana de 2022